Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/tH-aM3amMBG1iSKXBg4vadfFgBY.roa
File: tH-aM3amMBG1iSKXBg4vadfFgBY.roa (raw, json)
Hash identifier: DMwTO0NF4c2RHQaRi9z14nOrIKpjiQQTN5vfW1vLglY=
Subject key identifier: B4:7F:9A:33:76:A6:30:11:B5:89:22:97:06:0E:2F:69:D7:C5:80:16
Certificate issuer: /CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Certificate serial: 0186158651E824A1288C646439179A78AF97
Authority key identifier: 08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/tH-aM3amMBG1iSKXBg4vadfFgBY.roa
Signing time: Fri 03 Feb 2023 04:26:09 +0000
ROA not before: Fri 03 Feb 2023 04:26:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31363
IP address blocks: 86.62.92.0/24 maxlen: 24
86.62.125.0/24 maxlen: 24
195.91.254.0/24 maxlen: 24
195.91.255.0/24 maxlen: 24
195.91.208.0/24 maxlen: 24
195.91.209.0/24 maxlen: 24
195.91.210.0/24 maxlen: 24
195.91.211.0/24 maxlen: 24
195.91.213.0/24 maxlen: 24
195.91.215.0/24 maxlen: 24
195.91.217.0/24 maxlen: 24
195.91.218.0/24 maxlen: 24
195.91.219.0/24 maxlen: 24
195.91.222.0/24 maxlen: 24
195.91.223.0/24 maxlen: 24
195.91.224.0/24 maxlen: 24
195.91.220.0/24 maxlen: 24
195.91.221.0/24 maxlen: 24
195.91.225.0/24 maxlen: 24
195.91.226.0/24 maxlen: 24
195.91.232.0/24 maxlen: 24
195.91.233.0/24 maxlen: 24
195.91.229.0/24 maxlen: 24
195.91.230.0/24 maxlen: 24
195.91.231.0/24 maxlen: 24
195.91.228.0/24 maxlen: 24
195.91.236.0/24 maxlen: 24
195.91.237.0/24 maxlen: 24
195.91.238.0/24 maxlen: 24
195.91.234.0/24 maxlen: 24
195.91.235.0/24 maxlen: 24
195.91.239.0/24 maxlen: 24
195.91.240.0/24 maxlen: 24
195.91.246.0/24 maxlen: 24
195.91.243.0/24 maxlen: 24
195.91.244.0/24 maxlen: 24
195.91.245.0/24 maxlen: 24
195.91.241.0/24 maxlen: 24
195.91.242.0/24 maxlen: 24
195.91.247.0/24 maxlen: 24
195.91.149.0/24 maxlen: 24
195.91.168.0/24 maxlen: 24
195.91.169.0/24 maxlen: 24
195.91.170.0/24 maxlen: 24
195.91.171.0/24 maxlen: 24
195.91.172.0/24 maxlen: 24
195.91.173.0/24 maxlen: 24
195.91.174.0/24 maxlen: 24
195.91.175.0/24 maxlen: 24
2a02:2698:9800::/38 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:15:86:51:e8:24:a1:28:8c:64:64:39:17:9a:78:af:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Validity
Not Before: Feb 3 04:26:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b47f9a3376a63011b5892297060e2f69d7c58016
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:dd:f2:ce:62:76:80:37:2c:4b:6a:d7:33:1d:
72:82:ca:af:12:ed:5c:db:55:e9:1f:cf:7c:0e:f2:
90:e9:21:8c:71:23:4c:59:37:66:3c:99:8f:d1:9b:
77:ca:f7:16:47:77:1e:7d:bd:db:cf:02:7b:86:b1:
0d:24:29:0b:15:f7:86:34:09:50:9b:4b:e9:dd:92:
25:b3:ee:91:7c:f2:29:0d:55:d9:82:91:bd:e1:f8:
d8:bd:43:e3:99:7a:b8:2e:74:13:f4:ad:28:27:dc:
37:5e:06:7d:73:6e:57:a9:d3:2b:5a:12:63:0b:1a:
40:17:f2:f9:8d:42:1d:93:d8:2c:b5:f8:dd:6f:90:
1f:e8:1a:01:c1:87:5b:29:02:f5:7e:91:c7:64:43:
b5:8d:8c:ed:d8:c4:96:00:4c:1a:e9:6d:de:13:72:
cb:1c:c7:b7:40:fd:b5:93:04:5b:f7:67:1a:23:c9:
32:98:a7:ae:7e:72:50:73:38:29:6d:32:e4:42:34:
5d:56:b8:be:6a:24:ab:12:6a:ba:9b:fb:fa:31:76:
9b:b0:55:2b:f2:9e:00:34:e9:b3:46:66:58:21:8a:
c3:22:56:73:8d:71:dd:95:9e:e1:97:c0:c8:72:1c:
b0:cf:55:da:f8:7b:90:31:84:96:b3:04:8c:8c:21:
66:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:7F:9A:33:76:A6:30:11:B5:89:22:97:06:0E:2F:69:D7:C5:80:16
X509v3 Authority Key Identifier:
keyid:08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/tH-aM3amMBG1iSKXBg4vadfFgBY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.62.92.0/24
86.62.125.0/24
195.91.149.0/24
195.91.168.0/21
195.91.208.0/22
195.91.213.0/24
195.91.215.0/24
195.91.217.0-195.91.226.255
195.91.228.0-195.91.247.255
195.91.254.0/23
IPv6:
2a02:2698:9800::/38
Signature Algorithm: sha256WithRSAEncryption
be:ee:20:06:80:1c:78:7d:d8:c5:a7:83:4d:d6:ad:f8:1d:92:
b3:8c:1a:8e:20:08:ae:37:b9:67:eb:f4:7d:2d:54:db:71:51:
6b:51:30:ac:3c:b3:0f:16:ea:e5:30:e7:72:54:75:9e:7d:c2:
bb:08:ba:72:12:a2:84:fd:5c:a5:09:74:b0:1d:fe:2b:4b:8f:
8c:5d:95:2f:c9:94:07:e7:ac:b3:28:46:fb:7a:87:96:31:2e:
bb:c6:f0:fa:93:63:23:c3:c7:d4:eb:69:47:54:27:7d:87:6a:
e2:2f:9c:58:46:80:51:9e:c6:c9:da:7b:46:00:89:51:c1:f9:
4a:0e:6d:70:02:82:5b:e4:da:b5:db:00:96:86:f5:28:e7:da:
7d:f8:63:1b:18:82:92:29:a8:56:38:42:79:7b:cc:b3:d0:2f:
2d:2c:86:58:10:fd:a0:11:94:d9:05:cd:d8:25:b3:25:ef:c3:
1c:75:a9:45:42:e0:23:37:7e:18:db:ff:27:52:5a:31:23:70:
4b:d9:c7:d2:b4:31:2e:0e:52:83:16:c0:b1:f5:39:22:a4:5c:
53:00:f3:94:5f:cb:f2:73:89:91:bb:68:80:de:16:ca:c4:9f:
23:1a:0c:50:28:8e:99:e7:37:2a:03:aa:27:d2:c0:f2:59:f7:
dc:8d:60:1f
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAYYVhlHoJKEojGRkOReaeK+XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MDJiOTVjZTYyMzlkNTI2YzM1YWU3YThlMmNlYjQ4YWVi
ODJiNWYwHhcNMjMwMjAzMDQyNjA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDdmOWEzMzc2YTYzMDExYjU4OTIyOTcwNjBlMmY2OWQ3YzU4MDE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm93yzmJ2gDcsS2rXMx1ygsqvEu1c
21XpH898DvKQ6SGMcSNMWTdmPJmP0Zt3yvcWR3cefb3bzwJ7hrENJCkLFfeGNAlQ
m0vp3ZIls+6RfPIpDVXZgpG94fjYvUPjmXq4LnQT9K0oJ9w3XgZ9c25XqdMrWhJj
CxpAF/L5jUIdk9gstfjdb5Af6BoBwYdbKQL1fpHHZEO1jYzt2MSWAEwa6W3eE3LL
HMe3QP21kwRb92caI8kymKeufnJQczgpbTLkQjRdVri+aiSrEmq6m/v6MXabsFUr
8p4ANOmzRmZYIYrDIlZzjXHdlZ7hl8DIchywz1Xa+HuQMYSWswSMjCFmmQIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFLR/mjN2pjARtYkilwYOL2nXxYAWMB8GA1UdIwQY
MBaAFAgCuVzmI51SbDWueo4s60iuuCtfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDIt
Y2YwYWEzZWNhZDI4LzEvdEgtYU0zYW1NQkcxaVNLWEJnNHZhZGZGZ0JZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDItY2YwYWEzZWNhZDI4
LzEvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDBSBAIAATBMAwQAVj5cAwQA
Vj59AwQAw1uVAwQDw1uoAwQCw1vQAwQAw1vVAwQAw1vXMAwDBADDW9kDBADDW+Iw
DAMEAsNb5AMEA8Nb8AMEAcNb/jAOBAIAAjAIAwYCKgImmJgwDQYJKoZIhvcNAQEL
BQADggEBAL7uIAaAHHh92MWng03WrfgdkrOMGo4gCK43uWfr9H0tVNtxUWtRMKw8
sw8W6uUw53JUdZ59wrsIunISooT9XKUJdLAd/itLj4xdlS/JlAfnrLMoRvt6h5Yx
LrvG8PqTYyPDx9TraUdUJ32HauIvnFhGgFGexsnae0YAiVHB+UoObXACglvk2rXb
AJaG9Sjn2n34YxsYgpIpqFY4Qnl7zLPQLy0shlgQ/aARlNkFzdglsyXvwxx1qUVC
4CM3fhjb/ydSWjEjcEvZx9K0MS4OUoMWwLH1OSKkXFMA85Rfy/JziZG7aIDeFsrE
nyMaDFAojpnnNyoDqifSwPJZ99yNYB8=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:44:26 2025 by rpki-client